2020-10-30 05:22:24 +01:00
|
|
|
# Access Client Certificate (via Rustls)
|
|
|
|
|
|
|
|
## Usage
|
|
|
|
|
|
|
|
### Certificate
|
|
|
|
|
|
|
|
All the self-signed certificate are in the ./certs directory, including the CA certificate
|
|
|
|
generated by [`mkcert`] that was used to create the server and client certs.
|
|
|
|
|
|
|
|
### Server
|
|
|
|
|
|
|
|
```sh
|
2021-10-06 23:28:53 +02:00
|
|
|
cd security/rustls-client-cert
|
2020-10-30 05:22:24 +01:00
|
|
|
cargo run
|
|
|
|
```
|
|
|
|
|
|
|
|
The server runs HTTP on port 8080 and HTTPS on port 8443.
|
|
|
|
|
|
|
|
### Providing Client Cert
|
|
|
|
|
|
|
|
Using [HTTPie]:
|
|
|
|
```sh
|
2021-05-26 07:37:30 +02:00
|
|
|
http https://127.0.0.1:8443/ --verify=certs/rootCA.pem --cert=certs/client-cert.pem --cert-key=certs/client-key.pem
|
2020-10-30 05:22:24 +01:00
|
|
|
```
|
|
|
|
|
|
|
|
Using [cURL]:
|
|
|
|
```sh
|
|
|
|
curl https://127.0.0.1:8443/ --cacert certs/rootCA.pem --cert certs/client-cert.pem --key certs/client-key.pem
|
|
|
|
```
|
|
|
|
|
|
|
|
[`mkcert`]: https://github.com/FiloSottile/mkcert
|
|
|
|
[cURL]: https://curl.haxx.se/
|
|
|
|
[HTTPie]: https://httpie.org/
|